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EXAMINER'S AMENDMENT 

1. An examiner's amendment to the record appears below. Should the 
changes and/or additions be unacceptable to applicant, an amendment may 
be filed as provided by 37 CFR 1.312. To ensure consideration of such an 
amendment, it MUST be submitted no later than the payment of the issue 
fee. 

Authorization for this examiner's amendment was given in a telephone 
interview with Dolly Wu on 7/18/07. 

The claims have been amended as follows: 

Claim 1. (currently amended) A computing device comprising: 
a processing system; 

an externally-accessible memory coupled to the processing system; 

a secret identification number generated for the computing device and stored in a secure 
memory that is not externally-accessible; 

a key generator for generating a random key associated with a selected electronic file to 
be stored in the externally-accessible memory; 

a symmetrical encryption system to generate an encrypted key by symmetrically 
encrypting the random key using the secret identification number; 

wherein the processing system associates a digital certificate with an electronic file, 
where the digital certificate contains the encrypted key, such that the electronic file can be 
accessed only after the processing system restores the random key through decryption of the 
encrypted key with the secret identification number; 

wherein the random key is used to sign the file digital certificate, the electronic file is 
optionally encrypted using the random key, the electronic file is accessed when the file digital 
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certificate is verified using the random key and the encrypted electronic file is decrypted using the 
random key; and 

the externally-accessible memory further comprising an asymmetric manufacture 
certificate to bind firmware to the processing system. 

Claim 2. (currently amended) The computing device of claim 1 wherein digital certificate 
contains a software signature that is symm e trically e ncrypt e d using th e random key ; wherein the 
software signature comprises i& a signatur e for hash of the electronic file that is 
symmetrically encrypted using the random key. 

Claim 3. (canceled) 

Claim 5. (canceled) 

Claim 7. (currently amended) A method of providing security to files stored in an externally- 
accessible memory of a computing device comprising the steps of: 

storing a secret identification number for the computing device in a secure memory that is 
not externally-accessible; 

generating a random key; 

generating an encryptedjcey by symmetrically encrypting the random key using the secret 
identification number; 

associating a digital certificate with the an electronic file, where the digital certificate 
contains the encrypted key, such that the electronic file can be accessed only after restoring the 
random key through decryption of the encrypted key with the secret identification number; 
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using the random key to sign the file digital certificate, and optionally encrypting the 
electronic file using the random key, and wherein the electronic file is accessed when the file 
digital certificate is verified using the random key and the encrypted electronic file is decrypted 
using the random key; and 

binding firmware to the computing device by an asymmetric manufacture certificate in 
the externally-accessible memory. 

Claim 8. (currently amended) The method of claim 7 wherein the associating step includes the 
step of generating a software signature encrypted using the random key and storing the software 
signature in the digital certificate; wherein the software signature comprises « a 
signatur e for hash of the electronic file that is symmetrically encrypted using the 
random key. 

Claim 9. (canceled) 

Claims 16-17. (canceled) 

Claim 18. (currently amended) The computing device of claim 1 A d e vic e with a security 
syst e m for e l e ctronic fil e s including a platform c e rtificat e comprising: 
a proc e s s ing syst e m; 

an e xt e rnally acc e ssibl e m e mory coupl e d to th e proc e s s ing sy s tem; 

a s e cr e t id e ntification numb e r g e n e rated for th e computing devic e and stor e d in a secur e 

m e mory that is not e xt e rnally acc e ssible; 

a k e y g e n e rator for g e n e rating a random k e y associated with a s e l e ct e d e l e ctronic file to 

b e stor e d in th e e xt e rnally acc e ssibl e memory; 



Application/Control Number: 10/619,031 
Art Unit: 2132 



Page 5 



— ; a symm e trical e ncryption system to g e nerat e an e ncrypt e d k e y by symm e trically 

encrypting th e random k e y using th e s e cr e t id e ntification numb e r; 

wh e r e in th e proc e ssing syst e m associat e s a digital c e rtificat e with th e _ e l e ctronio file, 

wh e re th e digital c e rtificat e contains th e e ncrypted k e y, such that th e e l e ctronic fil e can be 
acc e ss e d only aft e r th e proc e ssing syst e m r e stor e s th e random key through d e cryption of the 
e ncrypted k e y with th e s e cr e t id e ntification numb e r; 

wh e r e in th e random k e y is us e d to sign the fil e c e rtificat e , th e e l e ctronic file is 

optionally e ncrypt e d using th e random k e y, the e l e ctronic fil e is access e d wh e n th e fil e 
c e rtificat e is v e rified using th e random k e y and th e e ncrypt e d e l e ctronic fil e is d e crypt e d using the 
random k e y; and 

wherein the encryption of the electronic file can be bypassed and the digital platform 
certificate decoupl e s allows from modification pr e v e ntion detection and authentication of the 
electronic file. 



Claim 20. (currently amended) The computing device of claim 1 further comprising A d e vice 
with a s e curity system for e l e ctronic fil e s including a manufactur e r certificat e comprising: 
a proc e ssor; 

an internal permanent memory in the processing system proc e ssor ; 

the internal permanent memory for storing a first manufacturer's public key, wherein the 
first manufacturer's public key is optionally hashed and cannot be modified after writing into 
permanent memory; 

an e xt e rnally acc e ssibl e m e mory coupl e d to th e proc e ssor; 

the externally-accessible memory comprises the manufacturer certificate for asymmetric 
encryption and for prevention of firmware modification and copying; wherein the manufacturer 
certificate comprises a second manufacturer's public key; and 

the processor for comparing the first and second manufacturer public keys and generating 
a pass or fail output to indicate a match. 
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2. The following is an examiner's statement of reasons for allowance: the 
prior art fails to teach "the processing system associates a digital certificate 
with an electronic file, where the digital certificate contains the encrypted 
key, such that the electronic file can be accessed only after the processing 
system restores the random key through decryption of the encrypted key 
with the secret identification number, wherein the random key is used to 
sign the digital certificate, the electronic file is encrypted using the random 
key, the electronic file is accessed when the digital certificate is verified 
using the random key and the encrypted electronic file is decrypted using the 
random key". The prior art, taken either singly or in combination, fails to 
anticipate or fairly suggest the limitations of applicant's independent claim, 
in such a manner that a rejection under 35 U.S.C 102 or 103 would be 
proper. The claims are therefore considered to be in condition for allowance 
as being novel and nonobvious over prior art. 

Any comments considered necessary by applicant must be submitted 
no later than the payment of the issue fee and, to avoid processing delays, 
should preferably accompany the issue fee. Such submissions should be 
clearly labeled "Comments on Statement of Reasons for Allowance." 

Any inquiry concerning this communication or earlier communications 
from the examiner should be directed to Minn Dinh whose telephone number 



Application/Control Number: 10/619,031 



Page 7 



Art Unit: 2132 

is 571-272-3802. The examiner can normally be reached on Mon-Fri: 
10:00am-6:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Gilberto Barron can be reached on 571-272-3799. 
The fax phone number for the organization where this application or 
proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained 
from the Patent Application Information Retrieval (PAIR) system. Status 
information for published applications may be obtained from either Private 
PAIR or Public PAIR. Status information for unpublished applications is 
available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic Business Center 
(EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272- 
1000. 
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Minn Dinh 
Examiner 
Art Unit 2132 
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